__init__.py

import os
from flask import Flask, request, session
from flask_restful import Api, Resource
from .tunnelstat import SSHSession

app = Flask(__name__)
app.config['ENABLELAUNCH'] = False 
app.config['MESSAGES'] = '/messages'
import datetime
app.config['PERMANENT_SESSION_LIFETIME'] = datetime.timedelta(seconds=300)
app.config['SESSION_REFRESH_EACH_REQUEST'] = True
app.config['SESSION_COOKIE_NAME'] = 'tessession'
app.config['SESSION_COOKIE_SECURE'] = True
app.config['SESSION_COOKIE_HTTPONLY'] = True
app.config['SESSION_COOKIE_SAMESITE'] = None
app.config['APPLICATION_ROOT'] = '/'
if 'FLASK_ENV' in os.environ and os.environ['FLASK_ENV'] == 'development':
    DEV=True
    #app.config['SECRET_KEY'] = 'notverysecret'
    app.config['SECRET_KEY'] = os.urandom(12).hex()
    app.config['DEBUG'] = True
else:
    DEV=False
    app.config['SECRET_KEY'] = os.urandom(12).hex()
    app.config['DEBUG'] = False

api = Api(app)
sshsessions = {}
if DEV:
    from flask_cors import CORS, cross_origin
    CORS(app, supports_credentials=True, origin="localhost:4200")
islocal = True

from . import apiendpoints

@app.after_request
def after_cleanup_sessions(response):
    import logging
    logger=logging.getLogger()
    slist = []
    klist = []
    try:
        sshsessid = session.get('sshsessid', None)

        # kvsessionextension.cleanup_sessions(app)
        _ttl = app.config['PERMANENT_SESSION_LIFETIME']
        if isinstance(_ttl, int):
            ttl = datetime.timedelta(seconds=_ttl)
        else:
            ttl = _ttl
        for k, sshsess in list(sshsessions.items()):
            if datetime.datetime.now() > sshsess.last + ttl:
                logger.debug("session last seen at {} now {}".format(sshsess.last,datetime.datetime.now()))
                slist.append(sshsess)
                klist.append(k)
        # Two keys may point at the same session. In particular an authentication token and our twsproxyauth cookie can both identify a session
        for k in klist:
            del sshsessions[k]
        for s in slist:
            s.kill()
    except:
        logger.error('failed to cleanup old sessions')

    return response


if __name__ == '__main__':
    app.run(port=8080)